1*4882a593Smuzhiyun #include <stdio.h>
2*4882a593Smuzhiyun #include <stdlib.h>
3*4882a593Smuzhiyun #include <string.h>
4*4882a593Smuzhiyun #include <assert.h>
5*4882a593Smuzhiyun #include "aes_core.h"
6*4882a593Smuzhiyun
7*4882a593Smuzhiyun #ifndef uint32_t
8*4882a593Smuzhiyun #define uint32_t unsigned int
9*4882a593Smuzhiyun #endif
10*4882a593Smuzhiyun
11*4882a593Smuzhiyun /**
12*4882a593Smuzhiyun * \brief SHA-1 context structure
13*4882a593Smuzhiyun */
14*4882a593Smuzhiyun typedef struct
15*4882a593Smuzhiyun {
16*4882a593Smuzhiyun uint32_t total[2]; /*!< number of bytes processed */
17*4882a593Smuzhiyun uint32_t state[5]; /*!< intermediate digest state */
18*4882a593Smuzhiyun unsigned char buffer[64]; /*!< data block being processed */
19*4882a593Smuzhiyun }
20*4882a593Smuzhiyun RK_SHA1_CTX;
21*4882a593Smuzhiyun
22*4882a593Smuzhiyun /* Implementation that should never be optimized out by the compiler */
mbedtls_zeroize(void * v,size_t n)23*4882a593Smuzhiyun static void mbedtls_zeroize( void *v, size_t n ) {
24*4882a593Smuzhiyun volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
25*4882a593Smuzhiyun }
26*4882a593Smuzhiyun
27*4882a593Smuzhiyun /*
28*4882a593Smuzhiyun * 32-bit integer manipulation macros (big endian)
29*4882a593Smuzhiyun */
30*4882a593Smuzhiyun #ifndef GET_UINT32_BE
31*4882a593Smuzhiyun #define GET_UINT32_BE(n,b,i) \
32*4882a593Smuzhiyun { \
33*4882a593Smuzhiyun (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
34*4882a593Smuzhiyun | ( (uint32_t) (b)[(i) + 1] << 16 ) \
35*4882a593Smuzhiyun | ( (uint32_t) (b)[(i) + 2] << 8 ) \
36*4882a593Smuzhiyun | ( (uint32_t) (b)[(i) + 3] ); \
37*4882a593Smuzhiyun }
38*4882a593Smuzhiyun #endif
39*4882a593Smuzhiyun
40*4882a593Smuzhiyun #ifndef PUT_UINT32_BE
41*4882a593Smuzhiyun #define PUT_UINT32_BE(n,b,i) \
42*4882a593Smuzhiyun { \
43*4882a593Smuzhiyun (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
44*4882a593Smuzhiyun (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
45*4882a593Smuzhiyun (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
46*4882a593Smuzhiyun (b)[(i) + 3] = (unsigned char) ( (n) ); \
47*4882a593Smuzhiyun }
48*4882a593Smuzhiyun #endif
49*4882a593Smuzhiyun
mbedtls_sha1_init(RK_SHA1_CTX * ctx)50*4882a593Smuzhiyun void mbedtls_sha1_init( RK_SHA1_CTX *ctx )
51*4882a593Smuzhiyun {
52*4882a593Smuzhiyun memset( ctx, 0, sizeof( RK_SHA1_CTX ) );
53*4882a593Smuzhiyun }
54*4882a593Smuzhiyun
mbedtls_sha1_free(RK_SHA1_CTX * ctx)55*4882a593Smuzhiyun void mbedtls_sha1_free( RK_SHA1_CTX *ctx )
56*4882a593Smuzhiyun {
57*4882a593Smuzhiyun if( ctx == NULL )
58*4882a593Smuzhiyun return;
59*4882a593Smuzhiyun
60*4882a593Smuzhiyun mbedtls_zeroize( ctx, sizeof( RK_SHA1_CTX ) );
61*4882a593Smuzhiyun }
62*4882a593Smuzhiyun
mbedtls_sha1_clone(RK_SHA1_CTX * dst,const RK_SHA1_CTX * src)63*4882a593Smuzhiyun void mbedtls_sha1_clone( RK_SHA1_CTX *dst,
64*4882a593Smuzhiyun const RK_SHA1_CTX *src )
65*4882a593Smuzhiyun {
66*4882a593Smuzhiyun *dst = *src;
67*4882a593Smuzhiyun }
68*4882a593Smuzhiyun
69*4882a593Smuzhiyun /*
70*4882a593Smuzhiyun * SHA-1 context setup
71*4882a593Smuzhiyun */
mbedtls_sha1_starts(RK_SHA1_CTX * ctx)72*4882a593Smuzhiyun void mbedtls_sha1_starts( RK_SHA1_CTX *ctx )
73*4882a593Smuzhiyun {
74*4882a593Smuzhiyun ctx->total[0] = 0;
75*4882a593Smuzhiyun ctx->total[1] = 0;
76*4882a593Smuzhiyun
77*4882a593Smuzhiyun ctx->state[0] = 0x67452301;
78*4882a593Smuzhiyun ctx->state[1] = 0xEFCDAB89;
79*4882a593Smuzhiyun ctx->state[2] = 0x98BADCFE;
80*4882a593Smuzhiyun ctx->state[3] = 0x10325476;
81*4882a593Smuzhiyun ctx->state[4] = 0xC3D2E1F0;
82*4882a593Smuzhiyun }
83*4882a593Smuzhiyun
84*4882a593Smuzhiyun #if !defined(MBEDTLS_SHA1_PROCESS_ALT)
mbedtls_sha1_process(RK_SHA1_CTX * ctx,const unsigned char data[64])85*4882a593Smuzhiyun void mbedtls_sha1_process( RK_SHA1_CTX *ctx, const unsigned char data[64] )
86*4882a593Smuzhiyun {
87*4882a593Smuzhiyun uint32_t temp, W[16], A, B, C, D, E;
88*4882a593Smuzhiyun
89*4882a593Smuzhiyun GET_UINT32_BE( W[ 0], data, 0 );
90*4882a593Smuzhiyun GET_UINT32_BE( W[ 1], data, 4 );
91*4882a593Smuzhiyun GET_UINT32_BE( W[ 2], data, 8 );
92*4882a593Smuzhiyun GET_UINT32_BE( W[ 3], data, 12 );
93*4882a593Smuzhiyun GET_UINT32_BE( W[ 4], data, 16 );
94*4882a593Smuzhiyun GET_UINT32_BE( W[ 5], data, 20 );
95*4882a593Smuzhiyun GET_UINT32_BE( W[ 6], data, 24 );
96*4882a593Smuzhiyun GET_UINT32_BE( W[ 7], data, 28 );
97*4882a593Smuzhiyun GET_UINT32_BE( W[ 8], data, 32 );
98*4882a593Smuzhiyun GET_UINT32_BE( W[ 9], data, 36 );
99*4882a593Smuzhiyun GET_UINT32_BE( W[10], data, 40 );
100*4882a593Smuzhiyun GET_UINT32_BE( W[11], data, 44 );
101*4882a593Smuzhiyun GET_UINT32_BE( W[12], data, 48 );
102*4882a593Smuzhiyun GET_UINT32_BE( W[13], data, 52 );
103*4882a593Smuzhiyun GET_UINT32_BE( W[14], data, 56 );
104*4882a593Smuzhiyun GET_UINT32_BE( W[15], data, 60 );
105*4882a593Smuzhiyun
106*4882a593Smuzhiyun #define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
107*4882a593Smuzhiyun
108*4882a593Smuzhiyun #define R(t) \
109*4882a593Smuzhiyun ( \
110*4882a593Smuzhiyun temp = W[( t - 3 ) & 0x0F] ^ W[( t - 8 ) & 0x0F] ^ \
111*4882a593Smuzhiyun W[( t - 14 ) & 0x0F] ^ W[ t & 0x0F], \
112*4882a593Smuzhiyun ( W[t & 0x0F] = S(temp,1) ) \
113*4882a593Smuzhiyun )
114*4882a593Smuzhiyun
115*4882a593Smuzhiyun #define P(a,b,c,d,e,x) \
116*4882a593Smuzhiyun { \
117*4882a593Smuzhiyun e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
118*4882a593Smuzhiyun }
119*4882a593Smuzhiyun
120*4882a593Smuzhiyun A = ctx->state[0];
121*4882a593Smuzhiyun B = ctx->state[1];
122*4882a593Smuzhiyun C = ctx->state[2];
123*4882a593Smuzhiyun D = ctx->state[3];
124*4882a593Smuzhiyun E = ctx->state[4];
125*4882a593Smuzhiyun
126*4882a593Smuzhiyun #define F(x,y,z) (z ^ (x & (y ^ z)))
127*4882a593Smuzhiyun #define K 0x5A827999
128*4882a593Smuzhiyun
129*4882a593Smuzhiyun P( A, B, C, D, E, W[0] );
130*4882a593Smuzhiyun P( E, A, B, C, D, W[1] );
131*4882a593Smuzhiyun P( D, E, A, B, C, W[2] );
132*4882a593Smuzhiyun P( C, D, E, A, B, W[3] );
133*4882a593Smuzhiyun P( B, C, D, E, A, W[4] );
134*4882a593Smuzhiyun P( A, B, C, D, E, W[5] );
135*4882a593Smuzhiyun P( E, A, B, C, D, W[6] );
136*4882a593Smuzhiyun P( D, E, A, B, C, W[7] );
137*4882a593Smuzhiyun P( C, D, E, A, B, W[8] );
138*4882a593Smuzhiyun P( B, C, D, E, A, W[9] );
139*4882a593Smuzhiyun P( A, B, C, D, E, W[10] );
140*4882a593Smuzhiyun P( E, A, B, C, D, W[11] );
141*4882a593Smuzhiyun P( D, E, A, B, C, W[12] );
142*4882a593Smuzhiyun P( C, D, E, A, B, W[13] );
143*4882a593Smuzhiyun P( B, C, D, E, A, W[14] );
144*4882a593Smuzhiyun P( A, B, C, D, E, W[15] );
145*4882a593Smuzhiyun P( E, A, B, C, D, R(16) );
146*4882a593Smuzhiyun P( D, E, A, B, C, R(17) );
147*4882a593Smuzhiyun P( C, D, E, A, B, R(18) );
148*4882a593Smuzhiyun P( B, C, D, E, A, R(19) );
149*4882a593Smuzhiyun
150*4882a593Smuzhiyun #undef K
151*4882a593Smuzhiyun #undef F
152*4882a593Smuzhiyun
153*4882a593Smuzhiyun #define F(x,y,z) (x ^ y ^ z)
154*4882a593Smuzhiyun #define K 0x6ED9EBA1
155*4882a593Smuzhiyun
156*4882a593Smuzhiyun P( A, B, C, D, E, R(20) );
157*4882a593Smuzhiyun P( E, A, B, C, D, R(21) );
158*4882a593Smuzhiyun P( D, E, A, B, C, R(22) );
159*4882a593Smuzhiyun P( C, D, E, A, B, R(23) );
160*4882a593Smuzhiyun P( B, C, D, E, A, R(24) );
161*4882a593Smuzhiyun P( A, B, C, D, E, R(25) );
162*4882a593Smuzhiyun P( E, A, B, C, D, R(26) );
163*4882a593Smuzhiyun P( D, E, A, B, C, R(27) );
164*4882a593Smuzhiyun P( C, D, E, A, B, R(28) );
165*4882a593Smuzhiyun P( B, C, D, E, A, R(29) );
166*4882a593Smuzhiyun P( A, B, C, D, E, R(30) );
167*4882a593Smuzhiyun P( E, A, B, C, D, R(31) );
168*4882a593Smuzhiyun P( D, E, A, B, C, R(32) );
169*4882a593Smuzhiyun P( C, D, E, A, B, R(33) );
170*4882a593Smuzhiyun P( B, C, D, E, A, R(34) );
171*4882a593Smuzhiyun P( A, B, C, D, E, R(35) );
172*4882a593Smuzhiyun P( E, A, B, C, D, R(36) );
173*4882a593Smuzhiyun P( D, E, A, B, C, R(37) );
174*4882a593Smuzhiyun P( C, D, E, A, B, R(38) );
175*4882a593Smuzhiyun P( B, C, D, E, A, R(39) );
176*4882a593Smuzhiyun
177*4882a593Smuzhiyun #undef K
178*4882a593Smuzhiyun #undef F
179*4882a593Smuzhiyun
180*4882a593Smuzhiyun #define F(x,y,z) ((x & y) | (z & (x | y)))
181*4882a593Smuzhiyun #define K 0x8F1BBCDC
182*4882a593Smuzhiyun
183*4882a593Smuzhiyun P( A, B, C, D, E, R(40) );
184*4882a593Smuzhiyun P( E, A, B, C, D, R(41) );
185*4882a593Smuzhiyun P( D, E, A, B, C, R(42) );
186*4882a593Smuzhiyun P( C, D, E, A, B, R(43) );
187*4882a593Smuzhiyun P( B, C, D, E, A, R(44) );
188*4882a593Smuzhiyun P( A, B, C, D, E, R(45) );
189*4882a593Smuzhiyun P( E, A, B, C, D, R(46) );
190*4882a593Smuzhiyun P( D, E, A, B, C, R(47) );
191*4882a593Smuzhiyun P( C, D, E, A, B, R(48) );
192*4882a593Smuzhiyun P( B, C, D, E, A, R(49) );
193*4882a593Smuzhiyun P( A, B, C, D, E, R(50) );
194*4882a593Smuzhiyun P( E, A, B, C, D, R(51) );
195*4882a593Smuzhiyun P( D, E, A, B, C, R(52) );
196*4882a593Smuzhiyun P( C, D, E, A, B, R(53) );
197*4882a593Smuzhiyun P( B, C, D, E, A, R(54) );
198*4882a593Smuzhiyun P( A, B, C, D, E, R(55) );
199*4882a593Smuzhiyun P( E, A, B, C, D, R(56) );
200*4882a593Smuzhiyun P( D, E, A, B, C, R(57) );
201*4882a593Smuzhiyun P( C, D, E, A, B, R(58) );
202*4882a593Smuzhiyun P( B, C, D, E, A, R(59) );
203*4882a593Smuzhiyun
204*4882a593Smuzhiyun #undef K
205*4882a593Smuzhiyun #undef F
206*4882a593Smuzhiyun
207*4882a593Smuzhiyun #define F(x,y,z) (x ^ y ^ z)
208*4882a593Smuzhiyun #define K 0xCA62C1D6
209*4882a593Smuzhiyun
210*4882a593Smuzhiyun P( A, B, C, D, E, R(60) );
211*4882a593Smuzhiyun P( E, A, B, C, D, R(61) );
212*4882a593Smuzhiyun P( D, E, A, B, C, R(62) );
213*4882a593Smuzhiyun P( C, D, E, A, B, R(63) );
214*4882a593Smuzhiyun P( B, C, D, E, A, R(64) );
215*4882a593Smuzhiyun P( A, B, C, D, E, R(65) );
216*4882a593Smuzhiyun P( E, A, B, C, D, R(66) );
217*4882a593Smuzhiyun P( D, E, A, B, C, R(67) );
218*4882a593Smuzhiyun P( C, D, E, A, B, R(68) );
219*4882a593Smuzhiyun P( B, C, D, E, A, R(69) );
220*4882a593Smuzhiyun P( A, B, C, D, E, R(70) );
221*4882a593Smuzhiyun P( E, A, B, C, D, R(71) );
222*4882a593Smuzhiyun P( D, E, A, B, C, R(72) );
223*4882a593Smuzhiyun P( C, D, E, A, B, R(73) );
224*4882a593Smuzhiyun P( B, C, D, E, A, R(74) );
225*4882a593Smuzhiyun P( A, B, C, D, E, R(75) );
226*4882a593Smuzhiyun P( E, A, B, C, D, R(76) );
227*4882a593Smuzhiyun P( D, E, A, B, C, R(77) );
228*4882a593Smuzhiyun P( C, D, E, A, B, R(78) );
229*4882a593Smuzhiyun P( B, C, D, E, A, R(79) );
230*4882a593Smuzhiyun
231*4882a593Smuzhiyun #undef K
232*4882a593Smuzhiyun #undef F
233*4882a593Smuzhiyun
234*4882a593Smuzhiyun ctx->state[0] += A;
235*4882a593Smuzhiyun ctx->state[1] += B;
236*4882a593Smuzhiyun ctx->state[2] += C;
237*4882a593Smuzhiyun ctx->state[3] += D;
238*4882a593Smuzhiyun ctx->state[4] += E;
239*4882a593Smuzhiyun }
240*4882a593Smuzhiyun #endif /* !MBEDTLS_SHA1_PROCESS_ALT */
241*4882a593Smuzhiyun
242*4882a593Smuzhiyun /*
243*4882a593Smuzhiyun * SHA-1 process buffer
244*4882a593Smuzhiyun */
mbedtls_sha1_update(RK_SHA1_CTX * ctx,const unsigned char * input,size_t ilen)245*4882a593Smuzhiyun void mbedtls_sha1_update( RK_SHA1_CTX *ctx, const unsigned char *input, size_t ilen )
246*4882a593Smuzhiyun {
247*4882a593Smuzhiyun size_t fill;
248*4882a593Smuzhiyun uint32_t left;
249*4882a593Smuzhiyun
250*4882a593Smuzhiyun if( ilen == 0 )
251*4882a593Smuzhiyun return;
252*4882a593Smuzhiyun
253*4882a593Smuzhiyun left = ctx->total[0] & 0x3F;
254*4882a593Smuzhiyun fill = 64 - left;
255*4882a593Smuzhiyun
256*4882a593Smuzhiyun ctx->total[0] += (uint32_t) ilen;
257*4882a593Smuzhiyun ctx->total[0] &= 0xFFFFFFFF;
258*4882a593Smuzhiyun
259*4882a593Smuzhiyun if( ctx->total[0] < (uint32_t) ilen )
260*4882a593Smuzhiyun ctx->total[1]++;
261*4882a593Smuzhiyun
262*4882a593Smuzhiyun if( left && ilen >= fill )
263*4882a593Smuzhiyun {
264*4882a593Smuzhiyun memcpy( (void *) (ctx->buffer + left), input, fill );
265*4882a593Smuzhiyun mbedtls_sha1_process( ctx, ctx->buffer );
266*4882a593Smuzhiyun input += fill;
267*4882a593Smuzhiyun ilen -= fill;
268*4882a593Smuzhiyun left = 0;
269*4882a593Smuzhiyun }
270*4882a593Smuzhiyun
271*4882a593Smuzhiyun while( ilen >= 64 )
272*4882a593Smuzhiyun {
273*4882a593Smuzhiyun mbedtls_sha1_process( ctx, input );
274*4882a593Smuzhiyun input += 64;
275*4882a593Smuzhiyun ilen -= 64;
276*4882a593Smuzhiyun }
277*4882a593Smuzhiyun
278*4882a593Smuzhiyun if( ilen > 0 )
279*4882a593Smuzhiyun memcpy( (void *) (ctx->buffer + left), input, ilen );
280*4882a593Smuzhiyun }
281*4882a593Smuzhiyun
282*4882a593Smuzhiyun static const unsigned char sha1_padding[64] =
283*4882a593Smuzhiyun {
284*4882a593Smuzhiyun 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
285*4882a593Smuzhiyun 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
286*4882a593Smuzhiyun 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
287*4882a593Smuzhiyun 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
288*4882a593Smuzhiyun };
289*4882a593Smuzhiyun
290*4882a593Smuzhiyun /*
291*4882a593Smuzhiyun * SHA-1 final digest
292*4882a593Smuzhiyun */
mbedtls_sha1_finish(RK_SHA1_CTX * ctx,unsigned char output[20])293*4882a593Smuzhiyun void mbedtls_sha1_finish( RK_SHA1_CTX *ctx, unsigned char output[20] )
294*4882a593Smuzhiyun {
295*4882a593Smuzhiyun uint32_t last, padn;
296*4882a593Smuzhiyun uint32_t high, low;
297*4882a593Smuzhiyun unsigned char msglen[8];
298*4882a593Smuzhiyun
299*4882a593Smuzhiyun high = ( ctx->total[0] >> 29 )
300*4882a593Smuzhiyun | ( ctx->total[1] << 3 );
301*4882a593Smuzhiyun low = ( ctx->total[0] << 3 );
302*4882a593Smuzhiyun
303*4882a593Smuzhiyun PUT_UINT32_BE( high, msglen, 0 );
304*4882a593Smuzhiyun PUT_UINT32_BE( low, msglen, 4 );
305*4882a593Smuzhiyun
306*4882a593Smuzhiyun last = ctx->total[0] & 0x3F;
307*4882a593Smuzhiyun padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
308*4882a593Smuzhiyun
309*4882a593Smuzhiyun mbedtls_sha1_update( ctx, sha1_padding, padn );
310*4882a593Smuzhiyun mbedtls_sha1_update( ctx, msglen, 8 );
311*4882a593Smuzhiyun
312*4882a593Smuzhiyun PUT_UINT32_BE( ctx->state[0], output, 0 );
313*4882a593Smuzhiyun PUT_UINT32_BE( ctx->state[1], output, 4 );
314*4882a593Smuzhiyun PUT_UINT32_BE( ctx->state[2], output, 8 );
315*4882a593Smuzhiyun PUT_UINT32_BE( ctx->state[3], output, 12 );
316*4882a593Smuzhiyun PUT_UINT32_BE( ctx->state[4], output, 16 );
317*4882a593Smuzhiyun }
318*4882a593Smuzhiyun
319*4882a593Smuzhiyun /*
320*4882a593Smuzhiyun * output = SHA-1( input buffer )
321*4882a593Smuzhiyun */
rk_hash_sha1(const unsigned char * in,unsigned int in_len,unsigned char * out,unsigned int * out_len)322*4882a593Smuzhiyun int rk_hash_sha1(const unsigned char *in, unsigned int in_len,
323*4882a593Smuzhiyun unsigned char *out, unsigned int *out_len)
324*4882a593Smuzhiyun {
325*4882a593Smuzhiyun RK_SHA1_CTX ctx;
326*4882a593Smuzhiyun
327*4882a593Smuzhiyun if (in == NULL && in_len != 0)
328*4882a593Smuzhiyun return -1;
329*4882a593Smuzhiyun
330*4882a593Smuzhiyun if(out == NULL || out_len == NULL)
331*4882a593Smuzhiyun return -1;
332*4882a593Smuzhiyun
333*4882a593Smuzhiyun mbedtls_sha1_init( &ctx );
334*4882a593Smuzhiyun mbedtls_sha1_starts( &ctx );
335*4882a593Smuzhiyun mbedtls_sha1_update( &ctx, in, in_len );
336*4882a593Smuzhiyun mbedtls_sha1_finish( &ctx, out);
337*4882a593Smuzhiyun mbedtls_sha1_free( &ctx );
338*4882a593Smuzhiyun *out_len = 20;
339*4882a593Smuzhiyun return 0;
340*4882a593Smuzhiyun }
341*4882a593Smuzhiyun
342